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DETAILED ACTION 



Claim Rejections • 35 USC § 103 



1 . The following is a quotation of 35 U.S.C. 1 03(a) whicli forms ttie basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole' would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 



2. Claims 1-27 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Weschler et al. (U.S. Patent No. 6,470,332), Hann et al. (U.S. Patent No. 
4,799,153), and Albrecht et al. (U.S. Patent No. (5,950,011). 

3. Weschler rendered obvious independent claims 1,10, and 1 9 by the 
following: 

"...said system administrator defined..." at col. 2, lines 35-37 and col. 1, lines 55-59. 
"...read access control command..." at col. 8, lines 1-15, col. 8, lines 56-59, and col. 7, 
lines 56-59. 

"...listing a set of Lightweight Directory Access Protocol (LDAP) user attributes..." at col. 
1, lines 55-59, col. 4, lines 7-9, col. 4, lines 61-63, and col. 8, lines 56-59. 
"...selected and controlled by said administrator..." at col. 1, lines 55-59, col. 3, lines 62- 
64, and col. 2, lines 35-37. 

"...said user selecting a subset..." at col. 3, lines 43-47, col. 3, lines 62-64, col. 1, lines 
60-63, and col. 4, lines 7-9. 

"...from said system administrator defined LDAP user attributes..." at col. 2, lines 35-37, 
col. 1, lines 55-63, and col. 8, lines 56-59. 
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"...said user defined subset...," at col. 5, lines 28-32, col. 1, lines 55-63, and col. 4, lines 
7-9. 

"...of system administrator defined LDAP user attributes..." at col. 2, lines 35-37, col. 1, 
lines 55-59, col. 4, lines 61-63, and col. 8, lines 56-59. 

"...and said read access control command..." at col. 8, lines 1-9, col. 8, lines 56-59, and 
col. 7, lines 56-59. 

"...referring to said user defined..." at col. 1 , lines 55-59. 
"...at runtime..." at col. 1, lines 55-59. 

"...read access to said system administrator defined LDAP user attributes..." at col. 8, 
lines 1-15, col. 8, lines 56-59, col. 2, lines 35-37, col. 1, lines 55-59, and col. 7, lines 56- 
59. 

"...wherein said read access control command..." at col. 8, lines 1-9, col. 8, lines 56-59, 
and col. 7, lines 56-59. 

"...resides in a directory containing said LDAP user attributes..." at col. 8, lines 10-15 
and col. 8, lines 56-59. 

Weschler does not teach the use of user identifications, the providing of user 
defined access command attributes, and the use of read lists. 

4. However, Hann teaches the use of user identifications as follows: 
"...containing user identifications..." at col. 16, lines 16-21. 

"...thereby allowing said read user identifications..." at col. 7, lines 30-33 and col. 16, 
lines 16-21. 
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It would have been obvious to one ordinarily skilled in the art at the time of the 
invention- to use user identifications in order have a method of determining which users 
were authorized to use the system. 

Hann does not teach the providing of user defined access comnnand attributes, 
providing of system administrator defined access commands, and the use of read lists. 

5. However, Albrecht teaches the providing of user defined access command 
attributes and the use of read lists as follows: 

"...providing a system administrator defined read access control command for a user..." 
at col. 4, lines 19-23, col. 1, lines 62-67, col. 2, lines 1-3, col. 2, lines 26-32, col. 9, lines 
45-49, and col. 4, lines 23-27. 

"...for allowing user defined read access to other users..." at col. 2, lines 25-32, col. 6, 
lines 64-67, col. 7, lines 1-2, and col. 19, lines 38-42. 

"...providing a user defined access control command attribute..." at col. 1, lines 62-67, 

col. 2, lines 1-3, col. 2, lines 26-32, col. 9, lines 45-49, and col. 9, lines 57-58. 

"...read list..." at col. 10, lines 18-23. 

"...that are allowed to read..." at col. 2, lines 26-32. 

"...read list..." at col. 10, lines 18-23. 

It would have been obvious to one ordinarily skilled in the art at the time of the 
invention to provide the user with the capability of defining access command attributes 
in order to make the system user-friendly and provide ease of operation of the system. 
Likewise, it would have been obvious to one ordinarily skilled in the art at the time of the 
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invention to be able to read a user-defined list in order to select entries in the list for 
further processing. 

6. Weschler rendered obvious independent claims 5, 14, and 23 by the 
following: 

"...that lists Lightweight Directory Access Protocol (LDAP) user attributes..." at col. 4, 
lines 61-63 and col. 8, lines 56-59. 

"...that said administrator has selected..." at col. 2, lines 35-37 and col. 1, lines 55-57. 
"...for user defined read access..." at col. 1, lines 55-57, col. 8, lines 3-9, and coL 8, lines 
56-59. 

"...said user selecting a subset...," at col. 3, lines 43-47, col. 1 . ;ines 55-63, and col. 4, 
lines 7-9, 

"...providing a system administrator defined..." at col. 2, lines 35-37 and col. 1 , lines 55- 
57. 

"...write access control command..." at col. 8, lines 3-9, col. 8, lines 55-59, and col. 7, 
lines 57-61. 

"...that lists LDAP user attributes..." at col. 8, lines 56-59, col. 1, lines 55-59, and col. 7, 
lines 56-59. 

"...that said administrator has selected..." at col. 2, lines 35-37 and col. 1, lines 55-57. 
"...for user defined write access..." at col. 1 , lines 55-59, col. 8, lines 39-, and col. 8, 
lines 56-59. 

"...providing a plurality of user defined..." at col. 1 , lines 55-59. 

"...access control command attribute..." at col. 8, lines 55-59 and col. 7, lines 57-61. 
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"...said user defined subset...," at col. 5, lines 28-32, col. 1, lines 55-63, and col. 4, lines 
7-9. 

"...from said LDAP user attributes..." at col. 8, lines 56-59, col. 1 , lines 55-59, and col. 7, 
lines 56-59. 

"...that said administrator has selected..." at col. 2, lines 35-37 and col. 1 , lines 55-57. 
"...for user defined read access..." at col. 1 , lines 55-57, col. 8, lines 3-9, and col. 8, lines 
56-59. 

"...and providing a plurality of user defined..." at col. 1 , lines 55-59. 

"...access control command attribute..." at col. 8, lines 55-59 and col. 7, lines 57-61 . 

"...said user defined subset...," at col. 5, lines 28-32, col. 1, lines 55-63, and col. 4, lines 

7-9. 

"...from said LDAP user attributes..." at col. 8, lines 56-59, col. 1 , lines 55-59, and col. 7, 
lines 56-59. 

"...that said administrator has selected..." at col. 2, lines 35-37 and col. 1 , lines 55-57. 
"...for user defined write access..." at col. 1, lines 55-57, col. 8, lines 3-9, and col. 8, 
lines 56-59. 

"...wherein said read access control command and said write access control 
command..." at col. 8, lines 3-9, col. 8, lines 56-59, and col. 7, lines 57-61. 
"...reside in a directory containing said LDAP user attributes..." at col. 8, lines 10-15, col. 
8, lines 56-59, and col. 7, lines 56-59. 

"...wherein when a client read access... at col. 1, lines 55-59, col. 8, lines 3-9, and col. 8, 
lines 56-59. 
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"...to one of the LDAP user attributes..." at col. 4, lines 61-63 and col. 8, lines 56-59. 
"...that said administrator has selected..." at col. 2, lines 35-37 and col. 1, lines 55-57. 
"...for user defined read access occurs..." at col. 1 , lines 55-57, col. 8, lines 3-9, and col. 
8, lines 56-59. 

"...said read access control command..." at col. 8, lines 3-9, col. 8, lines 56-59, and col. 

7, lines 57-61 . 

"...of the attribute being accessed..." at col. 8, lines 56-59. 

"...said read access..." at col. 8, lines 1-9 and col. 8, lines 56-59. 

"...and wherein when a client write access..." at col. 1, lines 55-59, col. 8, lines 3-9, and 

col. 8, lines 56-59. 

"...to one of the LDAP user attributes..." at col. 4, lines 61-63 and col. 8, lines 56-59. 
"...that said administrator has selected..." at col. 2, lines 35-37 and col. 1, lines 55-57. 
"...for user defined write access occurs..." at col. 1, lines 55-57, col. 8, lines 3-9, and col. 

8, lines 56-59. 

"...said write access control command..." at col. 8, lines 3-9, col. 8, lines 56-59, and col. 
7, lines 57-61 . 

"...of the attribute being accessed..." at col. 8, lines 56-59. 
"...said write access..." at col. 8, lines 1-9 and col. 8, lines 56-59. 

Weschler does not teach providing system administrator access control 
commands, the lists of user identifications, the use of owners, the use of read lists, and 
the use of write lists. 

7. However, Hann teaches the use of user identifications as follows: 
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"...containing user identifications..." at col. 16, lines 16-21." 
"...containing user identifications..." at col. 16, lines 16-21. 
"...of the owner..." at col. 16, lines 20-21 and col. 7, lines 36-39. 
"...of the owner..." at col. 16, lines 20-21 and col. 7, lines 36-39. 

It would have been obvious to one ordinarily skilled in the art at the time of the 
invention to use user identifications in order have a method of determining which users 
were authorized to use the system. Likewise, it would have been obvious to one 
ordinarily skilled in the art at the time of the invention to allow certain users to own 
attributes in order to restrict use of these attributes to users that have permission of the 
owner to use the owned attributes. 

Hann does not teach providing system administrator access control commands 
and the use of read lists and the use of write lists. 

8. However, Albrecht teaches the use of read lists and the use of write lists 
as follows: 

"...providing for a user a system administrator defined read access control command..." 
at col. 4, lines 19-27, col. 1, lines 62-67, col. 2, lines 1-3, col. 2, lines 26-32, and col. 9, 
lines 45-49. 

"...of user defined LDAP user attributes from said list for read access to other users..." at 
col. 2, lines 25-32, col. 6, lines 64-67, col. 7, lines 1-2, and col. 19, lines 38-42. 
"...providing for a user a system administrator defined write access control command..." 
at col. 4, lines 19-27, col. 1, lines 62-67, col. 2, lines 1-3, col. 2, lines 26-32, and col. 9, 
lines 45-49. 
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"...of user defined LDAP user attributes from said list for read access to other users..." at 

col. 2, lines 25-32, col. 6, lines 64-67, col. 7, lines 1-2, and col. 19, lines 38-42. 

"...read lists..." at col. 10, lines 18-23. 

"...that are allowed to read..." at col. 2, lines 26-32. 

"...write lists..." at col. 2, lines 26-32 and col. 10, lines 18-23. 

"...that are allowed to write..." at col. 2, lines 26-32. 

"...and the read list..." at col. 10, lines 18-23. 

"...are used to determine if said client has pemiission to execute..." at col. 21, lines 61- 
65 and col. 13, lines 31-34. 
"...and the write list..." 

"...are used to determine if said client has permission to execute..." at col. 21, lines 61- 
65 and col. 13, lines 31-34. 

It would have been obvious to one ordinarily skilled in the art at the time of the 
invention to provide the system administrator with the capability of defining access 
commands in order to make the system user-friendly and provide ease of operation of 
the system. Likewise, it would have been obvious to one ordinarily skilled in the art at 
the time of the invention to be able to read using a user-defined list in order to select 
entries in the list for further processing and to write using a user-defined list in order to 
complete processing entities on the list. 

9. Weschler rendered obvious independent claims 6, 15, and 24 by the 
following: 

"...said system administrator defined..." at col. 2, lines 35-37 and col. 1, lines 55-59. 
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"...write access control command..." at col. 8, lines 1-15, col. 8, lines 56-59, and col. 7, 
lines 56-59. 

"...listing a set of Lightweight Directory Access Protocol (LDAP) user attributes..." at col. 
1, lines 55-59, col. 4, lines 7-9, col. 4, lines 61-63, and col. 8, lines 56-59. 
"...selected and controlled by said administrator..." at col. 1, lines 55-59, col. 3, lines 62- 
64, and col. 2, lines 35-37. 

"...said user selecting a subset..." at col. 3, lines 43-47, col. 1, lines 55-63, and col. 4, 
lines 7-9. 

"...from said system administrator defined LDAP user attributes..." at col. 2, lines 35-37, 
col. 1, lines 55-59, col. 4, lines 61-63, and col. 8, lines 56-59. 

"...said user defined subset...," at col. 5, lines 28-32, col. 1, lines 55-63, and col. 4, lines 
7-9. 

"...of system administrator defined LDAP user attributes..." at col. 2, lines 35-37, col. 1, 
lines 55-59, col. 4, lines 61-63, and col. 8, lines 56-59. 

"...and said write access control command..." at col. 8, lines 1-15, col. 8, lines 56-59, 
and col. 7, lines 56-59. 

"...referring to said user defined..." at col. 1 , lines 55-59. 
"...at runtime..." at col. 1, lines 55-59. 

"...write access to said system administrator defined LDAP user attributes..." at col. 8, 
lines 1-15, col. 8, lines 56-59, col. 2, lines 35-37, col. 1, lines 55-59, and col. 7, lines 56- 
59. 
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"...wherein said write access control command..." at col. 8, lines 1-15, col. 8, lines 56- 
59, and col. 7, lines 56-59. 

"...resides in a directory containing said LDAP user attributes..." at col. 8, lines 10-15, 
col. 8, lines 56-59, and col. 7, lines 56-59. 

Weschler does not teach the use of user identifications, the providing of user 
defined access command attributes, the providing of system administrator defined 
access commands, and the use of write lists. 

10. However, Hann teaches the use of user identifications as follows: 
"...containing user identifications..." at col. 16, lines 16-21 . 

"...thereby allowing said write user identifications..." at col. 7, lines 30-33 and col. 16, 
lines 16-21. 

It would have been obvious to one ordinarily skilled in the art at the time of the 
invention to use user identifications in order have a method of determining which users 
were authorized to use the system. 

Hann does not teach the providing of user defined access command attributes, 
the providing of system adnninistrator defined access commands, and the use of write 
lists. 

1 1 . However, Albrecht teaches the use of write lists as follows: 
"...providing a system administrator defined write access control command for a user..." 
at col. 4, lines 19-23, col. 1, lines 62-67, col..2, lines 1-3, col. 2, lines 26-32. col. 9, lines 
45-49, and col. 4, lines 23-27. 
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"...for allowing user defined write access to other users..." at col. 2, lines 25-32, col. 6, 
lines 64-67, col. 7, lines 1-2, and col. 19, lines 38-42. 
"...write list..." at col. 2, lines 26-32 and col. 10, lines 18-23. 
"...that are allowed to write..." at col. 2, lines 26-32. 

"...providing a system administrator defined write access control command..." at col. 4, 
lines 19-23, col. 1, lines 62-67, col. 2, lines 1-3, col. 2, lines 26-32, and col. 9, lines 45- 
49. 

"...write list..." at col. 2, lines 26-32 and col. 10, lines 18-23. 

"...write access to said user attributes..." at col. 10, lines 57-61 and col. 9, lines 57-58. 

It would have been obvious to one ordinarily skilled in the art at the time of the 
invention to provide of user with the capability of defining access command attributes in 
order to make the system user-friendly and provide ease of operation of the system. 
Likewise, it would have been obvious to one ordinarily skilled in the art at the time of the 
invention to be able to write a user-defined list in order to select entries in the list for 
further processing. 

12. As per claims 2, 1 1 , and 20, the "...read access control command...," is 
taught by Weschler at col. 8, lines 1-9, col. 8, lines 57-59, and col. 7, lines 56-59, 
the "...according to the attribute being accessed..,," is taught by Weschler at col. 8, lines 
57-59, 

the "...refers to the read list...," is taught by Albrecht at col. 10, lines 18-23, 

the "...list of the owner...," is taught by Hann at col. 16, lines 20-21 and col. 7, lines 36- 

39, 
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the "...of the attribute being accessed...," is taught by Weschler at col. 8, lines 57-59, 
the "...to determine if said client has permission to execute...," is taught by Albrecht at 
col. 21, lines 61-65 and col. 13, lines 31-34, 

and the "...read access...," is taught by Weschler at col. 8, lines 1-9 and col. 8, lines 56- 
59. 

13. As per claims 3, 12, and 21, the "...providing a user defined...," is taught 
by Weschler at col. 1 , lines 55-59, 

the "...write list...," is taught by Albrecht at col. 2, lines 26-32 and col. 10, lines 18-22. 
the "...containing user identifications...," is taught by Hann at col. 16, lines 16-21, 
the "...that are allowed to write a specified set of attributes...," is taught by Weschler at 
col. 8, lines 3-9, 

the "...providing a system administrator defined...," is taught by Weschler at col. 2, lines 
35-37 and col. 1, lines 55-59, 

the "...write access control command...," is taught by Weschler at col. 8, lines 1-9, col. 8, 
lines 56-59, and col. 7, lines 56-59, 

the "...write access control command...," is taught by Weschler at col. 8, lines 1-9, col. 8, 
lines 56-59, and col. 7, lines 56-59, 

the "...listing the user attributes...," is taught by Weschler at col. 8, lines 56-59 and col. 
7, lines 56-59, 

the "...said administrator has selected...," is taught by Weschler at col. 2, lines 35-37 
and col. 1, lines 55-59, 
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the "...for user defined write access...," is taught by Weschler at col. 1, lines 55-59, col. 
8, lines 1-9, and col. 8, lines 56-59, 

the "...write access control command referring to...," is taught by Weschler at col. 8, 

lines 1-9, col. 8, lines 56-59, and col. 7, lines 56-59, 

the "...user defined...," is taught by Weschler at col. 1 , lines 55-59, 

the "...write list...," is taught by Albrecht at col. 2, lines 26-32 and col. 10, lines 18-22, 

the "...user identifications...," is taught by Hann at col. 16, lines 16-21, 

and the "...write access to said user attributes...," is taught by Weschler at col. 8, lines 

56- 59 and col. 7, lines 56-59. 

14. As per claims 4, 13, and 22, the "...write access control command...," is 
taught by Weschler at col. 8, lines 1-9, col. 8, lines 57-59, and col. 7, lines 56-59, 
the "...according to the attribute being accessed...," is taught by Weschler at col. 8, lines 

57- 59, 

the "...refers to the write list...," is taught by Cutler at col. 23, lines 58-60, 

the "...list of the owner...," is taught by Hann at col. 16, lines 20-21 and col. 7, lines 36- 

39, 

the "...of the attribute being accessed...," is taught by Weschler at col. 8, lines 57-59, 
the "...to determine if said client has permission to execute...," is taught by Albrecht at 
col. 21, lines 61-65 and col. 13, lines 31-34, 

and the "...write access..," is taught by Weschler at col. 8, lines 1-9 and col. 8, lines 56- 
59. 



Application/Control Number: 09/447,443 Page 15 

Art Unit: 2177 

15. As per claims 7, 16, and 25, the "...write access control command...," is 
taught by Weschler at col. 8, lines 1-9, col. 8, lines 57-59, and col. 7, lines 56-59, 

the "...according to the attribute being accessed...," is taught by Weschler at col. 8, lines 
57-59, 

the "...refers to the write list...," is taught by Cutler at col. 23, lines 58-60, 

the "...list of the owner...," is taught by Hann at col. 16, lines 20-21 and col. 7, lines 36- 

39, 

the "...of the attribute being accessed...," is taught by Weschler at col. 8, lines 57-59, 
the "...to determine if said client has permission to execute...," is taught by Albrecht at 
col. 21, lines 61-65 and col. 13, lines 31-34, 

and the "...write access..," is taught by Weschler at col. 8, lines 1-9 and col. 8, lines 56- 
59. 

16. As per claims 8, 17, and 26, the "...providing a user defined...," is taught 
by Weschler at col. 1 , lines 55-59, 

the "...read list...," is taught by Albrecht at col. 10, lines 18-22, 
the "...containing user identifications...," is taught by Hann at col. 16, lines 16-21 , 
the "...that are allowed to read a specified set of attributes...," is taught by Weschler at 
col. 8, lines 3-9, 

the "...providing a system administrator defined...," is taught by Weschler at col. 2, lines 
35-37 and col . 1 , lines 55-59, 

the "...read access control command...," is taught by Weschler at col. 8, lines 1-9, col. 8, 
lines 56-59, and col. 7, lines 56-59, 
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the "...read access control command...," is taught by Weschler at col. 8, lines 1-9, col. 8, 
lines 56-59, and col. 7, lines 56-59, 

the "...listing the user attributes...," is taught by Weschler at col. 8, lines 56-59 and col. 

7. lines 56-59, 

the "...said administrator has selected...," is taught by Weschler at col. 2, lines 35-37 
and col. 1, lines 55-59, 

the "...for user defined read access...," is taught by Weschler at col. 1, lines 55-59, col. 

8, lines 1-9, and col. 8, lines 56-59, 

the "...read access control command referring to...," is taught by Weschler at col. 8, lines 

1-9, col. 8, lines 56-59, and col. 7, lines 56-59, 

the "...user defined...," is taught by Weschler at col. 1 , lines 55-59, 

the "...read list...," is taught by Albrecht at col. 10, lines 18-22, 

the "...user identifications...," is taught by Hann at cpl. 16, lines 16-21, 

and the "...read access to said user attributes...," is taught by Weschler at col. 8, lines 

56- 59 and col. 7, lines 56-59. 

17. As per claims 9, 18, and 27, the "...read access access control 
command...," is taught by Weschler at col. 8, lines 1-9, col. 8, lines 57-59, and col. 7, 
lines 56-59, 

the "...according to the attribute being accessed...," is taught by Weschler at col. 8, lines 

57- 59, 

the "...refers to the read list...," is taught by Albrecht at col. 10, lines 18-23, 
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the "...list of the owner...," is taught by Hann at col. 16, lines 20-21 and col. 7, lines 36- 
39, 

the "...of the attribute being accessed...," is taught by Weschler at col. 8, lines 57-59, 
the "...to determine if said client has permission to execute...," is taught by Albrecht at 
col. 21, lines 61-65 and col. 13, lines 31-34, 

and the "...read access...," is taught by Weschler at col. 8, lines 1-9 and col. 8, lines 56- 
59. 

Response to Arguments 

18. Applicant's arguments filed 18 August 2003 have been fully considered 
but they are not persuasive. In the first argument for claims 1,10, and 19 on page 2, 
paragraph 8, the Applicant states: 

"Therefore, Applicant is of the opinion that it is readily apparent that Weschler does not 
teach, suggest, or contemplate: said read access control command listino LDAP user 
attributes that said administrator has selected for user defined read access ." 

The Examiner disagrees. The Applicant has paraphrased the claim language. The 

examiner is in doubt of the meaning of "said administrator has selected for user defined 

read access." Weschler teaches "read access control command" at col. 8, lines 1-15, 

col. 8, lines 56-59, and col. 7, lines 56-59, "listing a set of Lightweight Directory Access 

Protocol (LDAP) user attributes" at col. 1, lines 55-59, col. 4, lines 7-9, col. 4, lines 61- 

63, and col. 8, lines 56-59, and "selected and controlled by said administrator" at col. 1, 

lines 55-59, col. 3, lines 62-64, and col. 2, lines 35-37. Weschler teaches as follows: 

'...Core profile engine 201 responds to the client application 
requests by executing requested functions on virtual profile 
data store 205. Core profile engine 201 maintains a set of 
metadata about every attribute and binding for every profile. 
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This metadata controls how the profile engine 2 01 makes the 
profile data available to client applications 202. This metadata 
includes, but is not limited to, information regarding owner 
identity, read-vnrite-iaodify permissions, group membership, 
timestamps, triggers, and the like. 

Virtual profile data store 2 05 may comprise a single data 
storage device, but more often comprises a plurality of 
disparate, heterogeneous data storage devices. The specific 
example of FIG. 2 includes a relational database 2 06, 
lightweight directory access protocol 2 07, flat data file 2 08, 
object oriented database 209, and X.500 directory 211...'' at 
col. 8, lines 1-15. 

''...Specific attributes can be requested as a return value with 
access control being checked..." at vol. 8, lines 57-59. 

. . .API 203 provides an interface that enables client 
applications that have a corresponding interface to send 
messages that enable the application to send data and comnicuids 
to request profile services from core profile engine 201..." at 
col. 7, lines 57-61. 

. . .Each software application running on the client, or the 
client's operating system ("OS") may save client specific 
configuration data that is used by the client to fine-tune and 
define the user's software environment at runtime..." at col. 1, 
lines 55-59. 

''...The user or system administrator must manually track the 
location and content of each configuration file..." at col. 2, 
lines 35-37. 

These combined teachings of Weschler show that system administrator is the agent of 
the client that defines (selects and controls) access using read access control 
commands provided through LDAP attributes. 

19. In the second argument for claims 1,10, and 19 on page 2, paragraph 9 
and page 3, paragraph 1, the Applicant states: 

"Furthermore, Applicant is of the opinion that Weschler, Hann, and Albrecht alone or in 

combination do not teach, suggest, or contemplate the following: 

• giving the user the ability to decide who can access some personal information (on 
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page 2, lines 10-11)." 

The Examiner disagrees. Wescliler teaches "said user selecting a subset' at col. 3, 
lines 43-47, col. 3, lines 62-64, col. 1 , lines 60-63, and col. 4, lines 7-9 and "from said 
system administrator defined LDAP user attributes" at col. 2, lines 35-37, col. 1, lines 
55-63, and col. 8, lines 56-59. The Examiner combines Weschler's teachings at col. 1 , 
lines 55-63 and col. 8, lines 56-59 to represent a "piece of a set" as a "subset". 

20. In the third argument for claims 1,10, and 1 9 on page 3, paragraph 2, the 
Applicant states: 

"providing a simplified access control language that gives the system administrator the 
ability to allow a user to specify a list of people that have access to certain attributes of 
that user's entry information (on page 2, lines 22-24)" 

The Examiner disagrees. The Applicant has paraphrased the claim language. These 
claims do not use the term "list of people". These claims use the term "read list". 
Albrecht teaches the use of a "read list of names" at col. 10, lines 18-23. 

21 . In the fourth argument for claims 1,10, and 19 on page 3, paragraph 3, 
the Applicant states: 

"providing a mechanism to allow a user to nnake those specifications (on page 2, lines 
25-26)" 

The Examiner disagrees. This argument is essentially a repeat of the second argument. 
For this reason, the response to the second argument is also valide for the fourth 
argument. 

22. In the fifth argument for claims 1 , 10, and 19 on page 3, paragraph 4, the 
Applicant states: 
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"providing access control lists (ACL) created by system administrators, where such 
ACLs list the specific attributes that the user is allowed to control read or write access, 
thus giving the administrators full control of what information the user can give out (on 
page 3, lines 10-12)" 

The Examiner disagrees. The Applicant has paraphrased the claim language. The use 
of access control lists does not appear in independent claims 1,10, and 1 9. The 
combination of teachings by Weschler and Albrecht teaches "access control command 
attribute read lists as follows: Weschler teaches "wherein said read access control 
command" at col. 8, lines 1-9, col. 8, lines 56-59, and col. 7, lines 56-59 and Albrecht 
teaches "read lisf at col. 10, lines 18-23. 

23. In the sixth argument for claims 1,10, and 1 9 on page 3, paragraph 5, the 
Applicant states: 

"...storing the ACLs in the directory along with the entries such that when a user 
accesses an entry in a directory, the server checks the ACL specified for attributes 
being accessed (on page 3, lines 14-15)." 

The Examiner disagrees. The Applicant has paraphrased the claim language. The use 
of access control lists does not appear in independent claims 1,10, and 1 9. The 
combination of teachings by Weschler and Albrecht teaches "access control command 
attribute read lists as follows: Weschler teaches "wherein said read access control 
command" at col. 8, lines 1-9, col. 8, lines 56-59, and col. 7, lines 56-59 and Albrecht 
teaches "read list" at col. 10, lines 18-23. Weschler teaches "resides in a directory 
containing said LDAP user attributes" at col. 8, lines 10-15 and col. 8, lines 56-59. 

Conclusion 

24. Applicant's amendment necessitated the new ground(s) of rejection 
presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See 
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MPEP § 706.07(a). Applicant is renninded of the extension of time policy as set forth in 
37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the nnailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

25. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Harold E. Dodds, Jr. whose telephone number is 
(703)-305-1802. The examiner can normally be reached on Monday - Friday 8:00 - 
4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, John E. Breene can be reached on (703)-305-9790. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Harold E. Dodds, Jr. 
Patent Examiner 
June 1 , 2004 



